[Safe Browsing] Only check main frame and iframe URLs on Mobile, for speed.

chrome/browser/renderer_host/safe_browsing_resource_throttle.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/renderer_host/safe_browsing_resource_throttle.h"
 
 #include "base/logging.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/values.h"
 #include "chrome/browser/browser_process.h"
@@ skipping 11 matching lines @@
 
 using net::NetLog;
 
 namespace {
 
 // Maximum time in milliseconds to wait for the safe browsing service to
 // verify a URL. After this amount of time the outstanding check will be
 // aborted, and the URL will be treated as if it were safe.
 const int kCheckUrlTimeoutMs = 5000;
 
-// Return true for resource types that are very unlikely to produce a successful
-// malware or phishing page without the main frame also being bad.  This is a
-// latency / safety trade-off, used only on mobile.  We're conservative here,
-// keeping this list small and leaving off uncommon types since they won't save
-// us much on aggregate latency.
-bool IsResourceTypeMostlySafe(content::ResourceType resource_type) {
-  switch (resource_type) {
-    case content::RESOURCE_TYPE_STYLESHEET:
-    case content::RESOURCE_TYPE_IMAGE:
-    case content::RESOURCE_TYPE_FONT_RESOURCE:
-    case content::RESOURCE_TYPE_FAVICON:
-      return true;
-    default:
-      return false;
-  }
-}
-
 void RecordHistogramResourceTypeSafe(content::ResourceType resource_type) {
   UMA_HISTOGRAM_ENUMERATION("SB2.ResourceTypes.Safe", resource_type,
                             content::RESOURCE_TYPE_LAST_TYPE);
 }
 
 // Return a dictionary with "url"=|url-spec| and optionally
 // |name|=|value| (if not null), for netlogging.
 // This will also add a reference to the original request's net_log ID.
 scoped_ptr<base::Value> NetLogUrlCallback(
     const net::URLRequest* request,
@@ skipping 23 matching lines @@
 }  // namespace
 
 // TODO(eroman): Downgrade these CHECK()s to DCHECKs once there is more
 //               unit test coverage.
 
 // static
 SafeBrowsingResourceThrottle* SafeBrowsingResourceThrottle::MaybeCreate(
     net::URLRequest* request,
     content::ResourceType resource_type,
     SafeBrowsingService* sb_service) {
-#if defined(SAFE_BROWSING_DB_LOCAL)
-  // Throttle consults a local database before starting the resource request.
-  return new SafeBrowsingResourceThrottle(
-      request, resource_type, sb_service, DEFER_AT_START,
-      SafeBrowsingService::CHECK_ALL_RESOURCE_TYPES);
-#elif defined(SAFE_BROWSING_DB_REMOTE)
-  if (!sb_service->IsAndroidFieldTrialEnabled() ||
-      !sb_service->database_manager()->IsSupported()) {
+  if (sb_service->database_manager()->IsSupported()) {
+    return new SafeBrowsingResourceThrottle(request, resource_type, sb_service);
+  } else {

[Lei Zhang, 2015/10/19 23:26:00]

nit: no else after return.

[Nathan Parker, 2015/10/19 23:48:13]

Done.

     return nullptr;
   }
-
-  // Throttle consults a remote database before processing the response.
-  return new SafeBrowsingResourceThrottle(
-      request, resource_type, sb_service, DONT_DEFER_AT_START,
-      sb_service->GetResourceTypesToCheck());
-#else
-#error "Incompatible compile flags for safe_browsing_resource_throttle"
-#endif
 }
 
 SafeBrowsingResourceThrottle::SafeBrowsingResourceThrottle(
     const net::URLRequest* request,
     content::ResourceType resource_type,
-    SafeBrowsingService* sb_service,
-    DeferAtStartSetting defer_setting,
-    SafeBrowsingService::ResourceTypesToCheck resource_types_to_check)
-    : defer_at_start_(defer_setting == DEFER_AT_START),
-      resource_types_to_check_(resource_types_to_check),
-      state_(STATE_NONE),
+    SafeBrowsingService* sb_service)
+    : state_(STATE_NONE),
       defer_state_(DEFERRED_NONE),
       threat_type_(SB_THREAT_TYPE_SAFE),
       database_manager_(sb_service->database_manager()),
       ui_manager_(sb_service->ui_manager()),
       request_(request),
       resource_type_(resource_type),
       bound_net_log_(net::BoundNetLog::Make(request->net_log().net_log(),
                                             NetLog::SOURCE_SAFE_BROWSING)) {}
 
 SafeBrowsingResourceThrottle::~SafeBrowsingResourceThrottle() {
@@ skipping 28 matching lines @@
       type, base::Bind(&NetLogStringCallback, name, value));
   request_->net_log().AddEvent(
       type, bound_net_log_.source().ToEventParametersCallback());
 }
 
 void SafeBrowsingResourceThrottle::WillStartRequest(bool* defer) {
   // We need to check the new URL before starting the request.
   if (CheckUrl(request_->url()))
     return;
 
-  if (!defer_at_start_)
+  // We let the check run in parallel with resource load only if this
+  // db_manager only supports asynchronous checks, like on mobile.
+  // Otherwise, we defer now.
+  if (database_manager_->ChecksAreAlwaysAsync())
     return;
 
   // If the URL couldn't be verified synchronously, defer starting the
   // request until the check has completed.
   defer_state_ = DEFERRED_START;
   defer_start_time_ = base::TimeTicks::Now();
   *defer = true;
   BeginNetLogEvent(NetLog::TYPE_SAFE_BROWSING_DEFERRED, request_->url(),
                    "defer_reason", "at_start");
 }
 
 void SafeBrowsingResourceThrottle::WillProcessResponse(bool* defer) {
   CHECK_EQ(defer_state_, DEFERRED_NONE);
-  if (defer_at_start_)
+  // TODO(nparker): Maybe remove this check, since it should have no effect.
+  if (!database_manager_->ChecksAreAlwaysAsync())
     return;
 
   if (state_ == STATE_CHECKING_URL ||
       state_ == STATE_DISPLAYING_BLOCKING_PAGE) {
     defer_state_ = DEFERRED_PROCESSING;
     defer_start_time_ = base::TimeTicks::Now();
     *defer = true;
     BeginNetLogEvent(NetLog::TYPE_SAFE_BROWSING_DEFERRED, request_->url(),
                      "defer_reason", "at_response");
   }
@@ skipping 145 matching lines @@
     if (defer_state_ != DEFERRED_NONE) {
       ResumeRequest();
     }
   } else {
     controller()->Cancel();
   }
 }
 
 bool SafeBrowsingResourceThrottle::CheckUrl(const GURL& url) {
   CHECK_EQ(state_, STATE_NONE);
-  // To reduce aggregate latency on mobile, skip checking resources that
-  // can't do much harm.
-  if (resource_types_to_check_ ==
-          SafeBrowsingService::CHECK_ONLY_DANGEROUS_TYPES &&
-      IsResourceTypeMostlySafe(resource_type_)) {
+  // To reduce aggregate latency on mobile, check only the most dangerous
+  // resource types.
+  if (!database_manager_->CanCheckResourceType(resource_type_)) {
     UMA_HISTOGRAM_ENUMERATION("SB2.ResourceTypes.Skipped", resource_type_,
                               content::RESOURCE_TYPE_LAST_TYPE);
     return true;
   }
 
   bool succeeded_synchronously = database_manager_->CheckBrowseUrl(url, this);
   UMA_HISTOGRAM_ENUMERATION("SB2.ResourceTypes.Checked", resource_type_,
                             content::RESOURCE_TYPE_LAST_TYPE);
 
   if (succeeded_synchronously) {
@@ skipping 42 matching lines @@
                        unchecked_redirect_url_, "defer_reason",
                        "resumed_redirect");
     }
   }
 
   if (resume) {
     defer_state_ = DEFERRED_NONE;
     controller()->Resume();
   }
 }